The Hacker News

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.
Dark Reading

Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain

Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...
Bleeping Computer

GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. The developer ...
marktechpost

Google AI Releases a CLI Tool (gws) for Workspace APIs: Providing a Unified Interface for Humans and AI Agents

Integrating Google Workspace APIs—such as Drive, Gmail, Calendar, and Sheets—into applications and data pipelines typically requires writing boilerplate code to handle REST endpoints, pagination, and ...
The Verge

GitHub adds Claude and Codex AI coding agents

Microsoft-owned GitHub continues to embrace OpenAI and Anthropic AI advances. Microsoft-owned GitHub continues to embrace OpenAI and Anthropic AI advances. is a senior correspondent and author of ...
Visual Studio Magazine

Hands On with New GitHub Agents Tab for Repo-Level Copilot Coding Agent Workflows

GitHub has introduced an Agents tab that provides a repository-level view of Copilot coding agent tasks and sessions. The Agents workflow produces normal pull requests, enabling review and validation ...
GitHub

Consider adding support for Really Simple Licensing (RSL)

Really Simple Licensing (RSL) is an evolution of the early ideas behind the widely adopted RSS standard, which provided a machine-readable framework for publishers to syndicate content to third-party ...